npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

encrypted-vault-mcp

v0.1.0

Published

MCP server providing a local-first encrypted key-value vault. AES-GCM 256-bit cipher, PBKDF2-derived key from a user PIN. Stores secrets, API keys, notes, or any string data on disk. Zero cloud, zero telemetry, zero network — all data stays on the machine

Readme

encrypted-vault-mcp

MCP server providing a local-first encrypted key-value vault. Store API keys, secrets, notes, or any string data under a PIN. AES-GCM 256-bit cipher, PBKDF2 (600k iterations, SHA-256) derived key. Zero cloud. Zero telemetry. Zero network.

MIT License Node ≥ 18 MCP AES-GCM

Why

Storing secrets in plain text in chat history is bad. Pasting API keys into prompts is worse. This MCP gives the agent a vault: it can store a value once under a name, then later fetch it by name without you re-typing the secret.

  • AI agent can hold long-lived secrets safely between chats
  • You unlock once per session with a PIN
  • All data stays on the machine as encrypted bytes
  • Wrong PIN = wrong key = nothing decrypts (AES-GCM auth tag fails)

Install

npm install -g encrypted-vault-mcp

Or npx:

npx encrypted-vault-mcp

Use with Claude Desktop

Add to claude_desktop_config.json (Windows: %APPDATA%\Claude\claude_desktop_config.json):

{
  "mcpServers": {
    "vault": {
      "command": "npx",
      "args": ["-y", "encrypted-vault-mcp"]
    }
  }
}

Restart Claude Desktop. First time:

"Use vault to init with pin 1234"

Then any time:

"Unlock vault with pin 1234, then store my-openai-key as sk-..."

"Fetch my-openai-key"

"List vault keys"

Tools

| Tool | Args | Description | |---|---|---| | init | pin | Create a new vault file with this PIN. Fails if one already exists. | | unlock | pin | Derive key from PIN. Required before store/fetch/list/remove. | | lock | — | Clear key from memory. | | store | key, value | Encrypt + save under name. | | fetch | key | Decrypt + return value. | | list | — | List all key names. Values stay encrypted on disk. | | remove | key | Delete an item. | | change_pin | old_pin, new_pin | Rotate PIN. Re-encrypts everything with new key. | | status | — | Show whether vault exists / is unlocked / path / item count. |

Crypto

  • Cipher: AES-256-GCM (authenticated encryption — wrong PIN = decryption fails cleanly)
  • Key derivation: PBKDF2-HMAC-SHA256, 600,000 iterations (OWASP 2023 recommendation), 16-byte salt
  • IV: 96-bit random per encryption (NIST SP 800-38D)
  • PIN verification: separate PBKDF2 hash with its own salt; the PIN itself is never persisted
  • File permissions: vault file is written with mode 0o600 (owner read/write only)

Storage location

Default: ~/.encrypted-vault-mcp/vault.json

Override:

{
  "mcpServers": {
    "vault": {
      "command": "npx",
      "args": ["-y", "encrypted-vault-mcp"],
      "env": { "VAULT_PATH": "/secure/drive/my-vault.json" }
    }
  }
}

File format

{
  "version": 1,
  "salt": "<base64, 16 bytes>",       // for PBKDF2 key derivation
  "pinSalt": "<base64, 16 bytes>",    // separate salt for PIN verification
  "pinHash": "<base64, 32 bytes>",    // PBKDF2 hash of PIN (for verify only)
  "items": {
    "my-openai-key": {
      "iv": "<base64, 12 bytes>",
      "ciphertext": "<base64>",
      "tag": "<base64, 16 bytes>"    // GCM auth tag
    }
  }
}

Threat model

| Threat | Protected? | |---|---| | Disk read by attacker without PIN | ✅ items unrecoverable without PIN | | Wrong PIN | ✅ AES-GCM auth fails, no data leaked | | PIN brute-force | ⚠️ 600k PBKDF2 iterations slow it; use a real password for high-value secrets | | Process memory dump while unlocked | ❌ key sits in memory between unlock and lock — lock when done | | Malicious MCP client | ❌ if the agent itself is hostile, it can call fetch on whatever it wants — only run trusted agents |

Local development

git clone https://github.com/KhushalB25/encrypted-vault-mcp.git
cd encrypted-vault-mcp
npm install
npm run build
npm start

Inspect:

npx @modelcontextprotocol/inspector node dist/index.js

Author

Khushal Bhandari · GitHub

License

MIT